chore(deps): bump the dev-dependencies group with 7 updates #79

dependabot · 2023-11-01T19:08:59Z

Bumps the dev-dependencies group with 7 updates:

Package	From	To
github.com/go-logr/logr	`1.2.4`	`1.3.0`
github.com/onsi/gomega	`1.28.0`	`1.29.0`
google.golang.org/grpc	`1.58.2`	`1.59.0`
k8s.io/api	`0.28.2`	`0.28.3`
k8s.io/client-go	`0.28.2`	`0.28.3`
k8s.io/klog/v2	`2.100.1`	`2.110.1`
sigs.k8s.io/controller-runtime	`0.16.2`	`0.16.3`

Updates github.com/go-logr/logr from 1.2.4 to 1.3.0

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.3.0

This release adds support for slog in a new, self-contained logr/slogr package. Implementers of a logr.LogSink are encouraged, but not required, to extend their implementation to improve the quality of log output coming from a slog API call.

Breaking change: the call depth for LogSink.Enabled when called via Logger.Enabled was fixed to be the same as for other call paths. Implementers of a LogSink who have worked around this bug will need to remove their workarounds.

Security best practices were improved. Only Go versions >= 1.18 are supported by this release.

What's Changed

Fix golangci-lint fails by @thockin in go-logr/logr#173

Add minimal permissions to workflows by @pnacht in go-logr/logr#177

Add a security policy by @pnacht in go-logr/logr#178

Update security email by @thockin in go-logr/logr#181

docs: explain relationship between Logger{} and Discard() by @pohly in go-logr/logr#182

Add the OpenSSF Scorecard workflow by @pnacht in go-logr/logr#186

README: show of OpenSSF Scorecard badge by @pohly in go-logr/logr#187

Hash-pin workflow Actions by @pnacht in go-logr/logr#189

Bump go versions to 1.18+ by @thockin in go-logr/logr#203

slogr: add glue code for logging to slog.Handler and with slog.Logger by @pohly in go-logr/logr#205

slogr: restore original backend when converting back and forth by @pohly in go-logr/logr#210

slogr: add SlogSink by @pohly in go-logr/logr#211

Use same call depth for Enabled, Info, Error by @thockin in go-logr/logr#218

test: eliminate helper func by @thockin in go-logr/logr#219

docs: interoperability with slog by @pohly in go-logr/logr#222

build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by @dependabot in go-logr/logr#190

build(deps): bump github/codeql-action from 2.20.1 to 2.20.3 by @dependabot in go-logr/logr#191

build(deps): bump github/codeql-action from 2.20.3 to 2.20.4 by @dependabot in go-logr/logr#192

build(deps): bump github/codeql-action from 2.20.4 to 2.21.0 by @dependabot in go-logr/logr#193

build(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in go-logr/logr#194

build(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @dependabot in go-logr/logr#207

build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in go-logr/logr#206

build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in go-logr/logr#209

build(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @dependabot in go-logr/logr#208

build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in go-logr/logr#214

build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in go-logr/logr#217

build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in go-logr/logr#220

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in go-logr/logr#221

build(deps): bump github/codeql-action from 2.21.5 to 2.21.7 by @dependabot in go-logr/logr#223

build(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in go-logr/logr#224

build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#225

build(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in go-logr/logr#226

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in go-logr/logr#227

build(deps): bump github/codeql-action from 2.21.9 to 2.22.0 by @dependabot in go-logr/logr#228

build(deps): bump github/codeql-action from 2.22.0 to 2.22.3 by @dependabot in go-logr/logr#229

build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in go-logr/logr#231

build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in go-logr/logr#230

New Contributors

... (truncated)

Commits

8adefbe docs: interoperability with slog
ebabbb9 build(deps): bump github/codeql-action from 2.22.3 to 2.22.4
9c361f0 build(deps): bump actions/checkout from 4.1.0 to 4.1.1
d9b2b78 Merge pull request #229 from go-logr/dependabot/github_actions/github/codeql-...
91cec29 build(deps): bump github/codeql-action from 2.22.0 to 2.22.3
2ea8628 Merge pull request #228 from go-logr/dependabot/github_actions/github/codeql-...
37a4f55 Merge pull request #227 from go-logr/dependabot/github_actions/ossf/scorecard...
ecf310c build(deps): bump github/codeql-action from 2.21.9 to 2.22.0
d73e05e build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0
1d1c415 Merge pull request #226 from go-logr/dependabot/github_actions/github/codeql-...
Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.28.0 to 1.29.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.29.0

1.29.0

Features

MatchError can now take an optional func(error) bool + description [2b39142]

v1.28.1

1.28.1

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.13.0 [635d196]

Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 [14f8859]

Bump golang.org/x/net from 0.14.0 to 0.17.0 [d8a6508]

#703 doc(matchers): HaveEach() doc comment updated [2705bdb]

Minor typos (#699) [375648c]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.29.0

Features

MatchError can now take an optional func(error) bool + description [2b39142]

1.28.1

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.13.0 [635d196]

Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 [14f8859]

Bump golang.org/x/net from 0.14.0 to 0.17.0 [d8a6508]

#703 doc(matchers): HaveEach() doc comment updated [2705bdb]

Minor typos (#699) [375648c]

Commits

b94b195 v1.29.0
2b39142 MatchError can now take an optional func(error) bool + description
ab6045c v1.28.1
635d196 Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.13.0
14f8859 Bump github.com/google/go-cmp from 0.5.9 to 0.6.0
d8a6508 Bump golang.org/x/net from 0.14.0 to 0.17.0
2705bdb #703 doc(matchers): HaveEach() doc comment updated
375648c Minor typos (#699)
See full diff in compare view

Updates google.golang.org/grpc from 1.58.2 to 1.59.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.58.3

Security

server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Commits

7765221 Change version to 1.59.0 (#6695)
e88f12e server: prohibit more than MaxConcurrentStreams handlers from running at once...
be7919c transport: Pass Header metadata to tap handle. (#6652)
e3f1514 Reapply "status: fix/improve status handling (#6662)" (#6673) (#6688)
696faa9 client: add a test for NewSubConn / StateListener / cc.Close racing (#6678)
318c717 readme: fix badges (#6687)
39972fd github: add code coverage with codecov.io (#6676)
93dbc05 xds: move virtual host matcher test to the xdsresource package (#6680)
2c00469 github: update actions/setup-go and actions/checkout (#6675)
1f73ed5 Replace the gRFC pull request with the permanent link. (#6674)
Additional commits viewable in compare view

Updates k8s.io/api from 0.28.2 to 0.28.3

Commits

59c6b15 Update dependencies to v0.28.3 tag
579c82b Merge pull request #121128 from MadhavJivrajani/bump-x-net-128
f72d479 .: bump golang.org/x/net to v0.17.0
See full diff in compare view

Updates k8s.io/client-go from 0.28.2 to 0.28.3

Commits

9d454d6 Update dependencies to v0.28.3 tag
fb42861 Merge pull request #121128 from MadhavJivrajani/bump-x-net-128
a013666 .: bump golang.org/x/net to v0.17.0
See full diff in compare view

Updates k8s.io/klog/v2 from 2.100.1 to 2.110.1

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.29 (Take 1)

What's Changed

fix: SetLogger via klog.SetLogger will output an unexpected newline by @aimuz in kubernetes/klog#378

resolve comments warning by @lowang-bh in kubernetes/klog#379

stderrthreshold: fix flag comment by @pohly in kubernetes/klog#376

enable "go vet" checks for parameters by @pohly in kubernetes/klog#390

promote experimental code to stable by @pohly in kubernetes/klog#392

golangci-lint action by @pohly in kubernetes/klog#380

output: handle WithName like zapr does by @pohly in kubernetes/klog#391

slog support + logr 1.3.0 update by @pohly in kubernetes/klog#384

New Contributors

@aimuz made their first contribution in kubernetes/klog#378

@lowang-bh made their first contribution in kubernetes/klog#379

Full Changelog: kubernetes/klog@v2.100.1...v2.110.1

Commits

e3f75b8 Merge pull request #384 from pohly/slog
44eadc3 add slog support
cc856bb update to logr 1.3.0
02e7b69 Merge pull request #391 from pohly/with-name-output
009a04a output: handle WithName like zapr does
b588475 Merge pull request #380 from pohly/golangci-lint-action
1a0dfc5 github: run golangci-lint via action
ef25537 fix revive issues
edee20c Merge pull request #392 from pohly/promote-experimental
18cdd3a promote experimental code to stable
Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.16.3

What's Changed

🐛Update dependency go-restful to 3.11.0 by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2516

🐛 Correctly identify if patch call was made on status by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2515

🐛 Handle unstructured status update with fake client by @troy0820 in kubernetes-sigs/controller-runtime#2523

✨ Cache: Allow defining options that apply to all namespaces that themselves have no explicit config by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2539

🐛 bump golang.org/x/net to v0.17.0 by @joelanford in kubernetes-sigs/controller-runtime#2541

🌱 Bump k8s to 1.28.3 by @varshaprasad96 in kubernetes-sigs/controller-runtime#2552

Full Changelog: kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3

Commits

5f8d96b Merge pull request #2552 from varshaprasad96/bump/k8s-1.28.3
5572514 [fix]: Bump k8s to 1.28.3
7c1e2d9 Merge pull request #2541 from joelanford/0.16-golang-x-net
5201923 🐛 bump golang.org/x/net to v0.17.0
8b5b1a2 Merge pull request #2539 from k8s-infra-cherrypick-robot/cherry-pick-2528-to-...
b9c691d sparkles: Cache: Allow defining options that apply to all namespaces that the...
8361246 Merge pull request #2523 from troy0820/troy0820/cherry-pick-to-release-0.16
f7b7450 🐛 Handle unstructured status update with fake client (#2495)
2d6b699 [release-0.16] 🐛 Correctly identify if patch call was made on status (#2515)
da31104 Merge pull request #2516 from k8s-infra-cherrypick-robot/cherry-pick-2507-to-...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dev-dependencies group with 7 updates: | Package | From | To | | --- | --- | --- | | [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.2.4` | `1.3.0` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.28.0` | `1.29.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.58.2` | `1.59.0` | | [k8s.io/api](https://github.com/kubernetes/api) | `0.28.2` | `0.28.3` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.28.2` | `0.28.3` | | [k8s.io/klog/v2](https://github.com/kubernetes/klog) | `2.100.1` | `2.110.1` | | [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) | `0.16.2` | `0.16.3` | Updates `github.com/go-logr/logr` from 1.2.4 to 1.3.0 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.2.4...v1.3.0) Updates `github.com/onsi/gomega` from 1.28.0 to 1.29.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.28.0...v1.29.0) Updates `google.golang.org/grpc` from 1.58.2 to 1.59.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.58.2...v1.59.0) Updates `k8s.io/api` from 0.28.2 to 0.28.3 - [Commits](kubernetes/api@v0.28.2...v0.28.3) Updates `k8s.io/client-go` from 0.28.2 to 0.28.3 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.28.2...v0.28.3) Updates `k8s.io/klog/v2` from 2.100.1 to 2.110.1 - [Release notes](https://github.com/kubernetes/klog/releases) - [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md) - [Commits](kubernetes/klog@v2.100.1...v2.110.1) Updates `sigs.k8s.io/controller-runtime` from 0.16.2 to 0.16.3 - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3) --- updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: k8s.io/klog/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2023-11-01T19:09:01Z

The following labels could not be found: dependencies.

m-yosefpor merged commit 1fdae54 into main Nov 2, 2023

dependabot bot deleted the dependabot/go_modules/dev-dependencies-7a4b39e763 branch November 2, 2023 10:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the dev-dependencies group with 7 updates #79

chore(deps): bump the dev-dependencies group with 7 updates #79

dependabot bot commented on behalf of github Nov 1, 2023

dependabot bot commented on behalf of github Nov 1, 2023

chore(deps): bump the dev-dependencies group with 7 updates #79

chore(deps): bump the dev-dependencies group with 7 updates #79

Conversation

dependabot bot commented on behalf of github Nov 1, 2023

v1.3.0

What's Changed

New Contributors

v1.29.0

1.29.0

Features

v1.28.1

1.28.1

Maintenance

1.29.0

Features

1.28.1

Maintenance

Release 1.58.3

Security

Prepare klog release for Kubernetes v1.29 (Take 1)

What's Changed

New Contributors

v0.16.3

What's Changed

dependabot bot commented on behalf of github Nov 1, 2023